Add possibility to copy files from guest to host

This makes the configuration into a one-liner (variable/path).

The start command can do the "mkdir" and "cat" automatically.

Signed-off-by: Anders F Björklund <[email protected]>

Author: afbjorklund

examples/default.yaml

@@ -336,6 +336,13 @@ networks:
 #   hostPortRange: [1, 65535]
 # # Any port still not matched by a rule will not be forwarded (ignored)
 
+# Copy files from the guest to the host. Copied after provisioning scripts have been completed.
+# copyToHost:
+# - guest: "/etc/myconfig.cfg"
+#   host: "{{.Dir}}/copied-from-guest/myconfig"
+# # "guest" can include these template variables: {{.Home}}, {{.UID}}, and {{.User}}.
+# # "host" can include {{.Home}}, {{.Dir}}, {{.Name}}, {{.UID}}, and {{.User}}.
+
 # Message. Information to be shown to the user, given as a Go template for the instance.
 # The same template variables as for listing instances can be used, for example {{.Dir}}.
 # You can view the complete list of variables using `limactl list --list-fields` command.

examples/k3s.yaml

@@ -5,8 +5,7 @@
 # It can be accessed from the host by exporting the kubeconfig file;
 # the ports are already forwarded automatically by lima:
 #
-# $ export KUBECONFIG=$PWD/kubeconfig.yaml
-# $ limactl shell k3s sudo cat /etc/rancher/k3s/k3s.yaml >$KUBECONFIG
+# $ export KUBECONFIG=$(limactl list k3s --format 'unix://{{.Dir}}/copied-from-guest/kubeconfig.yaml')
 # $ kubectl get no
 # NAME       STATUS   ROLES                  AGE   VERSION
 # lima-k3s   Ready    control-plane,master   69s   v1.21.1+k3s1
@@ -54,11 +53,12 @@ probes:
     The k3s kubeconfig file has not yet been created.
     Run "limactl shell k3s sudo journalctl -u k3s" to check the log.
     If that is still empty, check the bottom of the log at "/var/log/cloud-init-output.log".
+copyToHost:
+- guest: "/etc/rancher/k3s/k3s.yaml"
+  host: "{{.Dir}}/copied-from-guest/kubeconfig.yaml"
 message: |
   To run `kubectl` on the host (assumes kubectl is installed), run the following commands:
   ------
-  mkdir -p "{{.Dir}}/conf"
-  export KUBECONFIG="{{.Dir}}/conf/kubeconfig.yaml"
-  limactl shell {{.Name}} sudo cat /etc/rancher/k3s/k3s.yaml >$KUBECONFIG
+  export KUBECONFIG="{{.Dir}}/copied-from-guest/kubeconfig.yaml"
   kubectl ...
   ------

examples/k8s.yaml

@@ -5,8 +5,7 @@
 # It can be accessed from the host by exporting the kubeconfig file;
 # the ports are already forwarded automatically by lima:
 #
-# $ export KUBECONFIG=$PWD/kubeconfig.yaml
-# $ limactl shell k8s sudo cat /etc/kubernetes/admin.conf >$KUBECONFIG
+# $ export KUBECONFIG=$(limactl list k8s --format 'unix://{{.Dir}}/copied-from-guest/kubeconfig.yaml')
 # $ kubectl get no
 # NAME       STATUS   ROLES                  AGE   VERSION
 # lima-k8s   Ready    control-plane,master   44s   v1.22.3
@@ -155,11 +154,12 @@ probes:
       echo >&2 "kubernetes cluster is not up and running yet"
       exit 1
     fi
+copyToHost:
+- guest: "/etc/kubernetes/admin.conf"
+  host: "{{.Dir}}/copied-from-guest/kubeconfig.yaml"
 message: |
   To run `kubectl` on the host (assumes kubectl is installed), run the following commands:
   ------
-  mkdir -p "{{.Dir}}/conf"
-  export KUBECONFIG="{{.Dir}}/conf/kubeconfig.yaml"
-  limactl shell {{.Name}} sudo cat /etc/kubernetes/admin.conf >$KUBECONFIG
+  export KUBECONFIG="{{.Dir}}/copied-from-guest/kubeconfig.yaml"
   kubectl ...
   ------

pkg/hostagent/hostagent.go

@@ -356,6 +356,12 @@ func (a *HostAgent) startHostAgentRoutines(ctx context.Context) error {
 	if err := a.waitForRequirements(ctx, "final", a.finalRequirements()); err != nil {
 		mErr = multierror.Append(mErr, err)
 	}
+	// Copy all config files _after_ the requirements are done
+	for _, rule := range a.y.CopyToHost {
+		if err := copyToHost(ctx, a.sshConfig, a.sshLocalPort, rule.HostFile, rule.GuestFile); err != nil {
+			mErr = multierror.Append(mErr, err)
+		}
+	}
 	return mErr
 }
 
@@ -525,3 +531,30 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 	}
 	return nil
 }
+
+func copyToHost(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote string) error {
+	args := sshConfig.Args()
+	args = append(args,
+		"-p", strconv.Itoa(port),
+		"127.0.0.1",
+		"--",
+	)
+	args = append(args,
+		"sudo",
+		"cat",
+		remote,
+	)
+	logrus.Infof("Copying config from %s to %s", remote, local)
+	if err := os.MkdirAll(filepath.Dir(local), 0700); err != nil {
+		return fmt.Errorf("can't create directory for local file %q: %w", local, err)
+	}
+	cmd := exec.CommandContext(ctx, sshConfig.Binary(), args...)
+	out, err := cmd.Output()
+	if err != nil {
+		return fmt.Errorf("failed to run %v: %q: %w", cmd.Args, string(out), err)
+	}
+	if err := os.WriteFile(local, out, 0600); err != nil {
+		return fmt.Errorf("can't write to local file %q: %w", local, err)
+	}
+	return nil
+}

pkg/limayaml/defaults.go

@@ -315,6 +315,11 @@ func FillDefault(y, d, o *LimaYAML, filePath string) {
 		// After defaults processing the singular HostPort and GuestPort values should not be used again.
 	}
 
+	y.CopyToHost = append(append(o.CopyToHost, y.CopyToHost...), d.CopyToHost...)
+	for i := range y.CopyToHost {
+		FillCopyToHostDefaults(&y.CopyToHost[i], instDir)
+	}
+
 	if y.HostResolver.Enabled == nil {
 		y.HostResolver.Enabled = d.HostResolver.Enabled
 	}
@@ -618,6 +623,23 @@ func FillPortForwardDefaults(rule *PortForward, instDir string) {
 	}
 }
 
+func FillCopyToHostDefaults(rule *CopyToHost, instDir string) {
+	if rule.GuestFile != "" {
+		if out, err := executeGuestTemplate(rule.GuestFile); err == nil {
+			rule.GuestFile = out.String()
+		} else {
+			logrus.WithError(err).Warnf("Couldn't process guest %q as a template", rule.GuestFile)
+		}
+	}
+	if rule.HostFile != "" {
+		if out, err := executeHostTemplate(rule.HostFile, instDir); err == nil {
+			rule.HostFile = out.String()
+		} else {
+			logrus.WithError(err).Warnf("Couldn't process host %q as a template", rule.HostFile)
+		}
+	}
+}
+
 func NewArch(arch string) Arch {
 	switch arch {
 	case "amd64":

pkg/limayaml/defaults_test.go

@@ -135,6 +135,12 @@ func TestFillDefault(t *testing.T) {
 				HostSocket:  "{{.Home}} | {{.Dir}} | {{.Name}} | {{.UID}} | {{.User}}",
 			},
 		},
+		CopyToHost: []CopyToHost{
+			{
+				GuestFile: "{{.Home}} | {{.UID}} | {{.User}}",
+				HostFile:  "{{.Home}} | {{.Dir}} | {{.Name}} | {{.UID}} | {{.User}}",
+			},
+		},
 		Env: map[string]string{
 			"ONE": "Eins",
 		},
@@ -183,6 +189,10 @@ func TestFillDefault(t *testing.T) {
 		defaultPortForward,
 		defaultPortForward,
 	}
+	expect.CopyToHost = []CopyToHost{
+		{},
+	}
+
 	// Setting GuestPort and HostPort for DeepEqual(), but they are not supposed to be used
 	// after FillDefault() has been called and the ...PortRange fields have been set.
 	expect.PortForwards[1].GuestPort = 80
@@ -197,6 +207,9 @@ func TestFillDefault(t *testing.T) {
 	expect.PortForwards[3].GuestSocket = fmt.Sprintf("%s | %s | %s", guestHome, user.Uid, user.Username)
 	expect.PortForwards[3].HostSocket = fmt.Sprintf("%s | %s | %s | %s | %s", hostHome, instDir, instName, user.Uid, user.Username)
 
+	expect.CopyToHost[0].GuestFile = fmt.Sprintf("%s | %s | %s", guestHome, user.Uid, user.Username)
+	expect.CopyToHost[0].HostFile = fmt.Sprintf("%s | %s | %s | %s | %s", hostHome, instDir, instName, user.Uid, user.Username)
+
 	expect.Env = y.Env
 
 	expect.CACertificates = CACertificates{
@@ -298,6 +311,7 @@ func TestFillDefault(t *testing.T) {
 			HostPortRange:  [2]int{80, 80},
 			Proto:          TCP,
 		}},
+		CopyToHost: []CopyToHost{{}},
 		Env: map[string]string{
 			"ONE": "one",
 			"TWO": "two",
@@ -346,6 +360,7 @@ func TestFillDefault(t *testing.T) {
 	expect.Provision = append(y.Provision, d.Provision...)
 	expect.Probes = append(y.Probes, d.Probes...)
 	expect.PortForwards = append(y.PortForwards, d.PortForwards...)
+	expect.CopyToHost = append(y.CopyToHost, d.CopyToHost...)
 	expect.Containerd.Archives = append(y.Containerd.Archives, d.Containerd.Archives...)
 	expect.AdditionalDisks = append(y.AdditionalDisks, d.AdditionalDisks...)
 
@@ -465,6 +480,7 @@ func TestFillDefault(t *testing.T) {
 			HostPortRange:  [2]int{8080, 8080},
 			Proto:          TCP,
 		}},
+		CopyToHost: []CopyToHost{{}},
 		Env: map[string]string{
 			"TWO":   "deux",
 			"THREE": "trois",
@@ -481,6 +497,7 @@ func TestFillDefault(t *testing.T) {
 	expect.Provision = append(append(o.Provision, y.Provision...), d.Provision...)
 	expect.Probes = append(append(o.Probes, y.Probes...), d.Probes...)
 	expect.PortForwards = append(append(o.PortForwards, y.PortForwards...), d.PortForwards...)
+	expect.CopyToHost = append(append(o.CopyToHost, y.CopyToHost...), d.CopyToHost...)
 	expect.Containerd.Archives = append(append(o.Containerd.Archives, y.Containerd.Archives...), d.Containerd.Archives...)
 	expect.AdditionalDisks = append(append(o.AdditionalDisks, y.AdditionalDisks...), d.AdditionalDisks...)
 

pkg/limayaml/limayaml.go

@@ -24,6 +24,7 @@ type LimaYAML struct {
 	Containerd      Containerd      `yaml:"containerd,omitempty" json:"containerd,omitempty"`
 	Probes          []Probe         `yaml:"probes,omitempty" json:"probes,omitempty"`
 	PortForwards    []PortForward   `yaml:"portForwards,omitempty" json:"portForwards,omitempty"`
+	CopyToHost      []CopyToHost    `yaml:"copyToHost,omitempty" json:"copyToHost,omitempty"`
 	Message         string          `yaml:"message,omitempty" json:"message,omitempty"`
 	Networks        []Network       `yaml:"networks,omitempty" json:"networks,omitempty"`
 	// `network` was deprecated in Lima v0.7.0, removed in Lima v0.14.0. Use `networks` instead.
@@ -179,6 +180,11 @@ type PortForward struct {
 	Ignore            bool   `yaml:"ignore,omitempty" json:"ignore,omitempty"`
 }
 
+type CopyToHost struct {
+	GuestFile string `yaml:"guest,omitempty" json:"guest,omitempty"`
+	HostFile  string `yaml:"host,omitempty" json:"host,omitempty"`
+}
+
 type Network struct {
 	// `Lima`, `Socket`, and `VNL` are mutually exclusive; exactly one is required
 	Lima string `yaml:"lima,omitempty" json:"lima,omitempty"`

pkg/limayaml/validate.go

@@ -249,6 +249,19 @@ func Validate(y LimaYAML, warn bool) error {
 		// Not validating that the various GuestPortRanges and HostPortRanges are not overlapping. Rules will be
 		// processed sequentially and the first matching rule for a guest port determines forwarding behavior.
 	}
+	for i, rule := range y.CopyToHost {
+		field := fmt.Sprintf("CopyToHost[%d]", i)
+		if rule.GuestFile != "" {
+			if !path.IsAbs(rule.GuestFile) {
+				return fmt.Errorf("field `%s.guest` must be an absolute path", field)
+			}
+		}
+		if rule.HostFile != "" {
+			if !filepath.IsAbs(rule.HostFile) {
+				return fmt.Errorf("field `%s.host` must be an absolute path, but is %q", field, rule.HostFile)
+			}
+		}
+	}
 
 	if y.HostResolver.Enabled != nil && *y.HostResolver.Enabled && len(y.DNS) > 0 {
 		return fmt.Errorf("field `dns` must be empty when field `HostResolver.Enabled` is true")